HTTP: TIFF Thunder decoder
This signature detects attempts to exploit a known vulnerability against LibTiff Thunder decoder. Versions 3.9.4 and below are vulnerable. Attackers can attain remote code execution. Due to the nature of the vulnerability, the presence of thunder encoded file is detected, not the actual exploitation.
Extended Description
libTIFF is prone to a heap-based buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
Avaya communication_server_1000e
Short Name
HTTP:STC:IMG:TFF-THUNDER
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2011-1167 TIFF Thunder bid:46951 decoder
Release Date
08/26/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Occasionally
Vendors
Red_hat
Research_in_motion
Suse
Apple
Libtiff
Avaya
Slackware
Ubuntu
Mandriva
Debian
CVSS Score
6.8